McAfee collects data from billions of IP addresses and network ports, and calculates a reputation score based on network traffic, including port, destination, protocol, and inbound and outbound connection requests. The score reflects the likelihood that a network connection poses a threat, such as a connection associated with botnet control.

Coupling a single firewall rule with a GTI-only policy lets you immediately receive the benefit of cloud intelligence on known botnets and their command and control centers. This is achieved with little effort, minimal overhead, and no interference with your existing host or network firewall rules. To learn more about Host Intrusion Prevention for Desktop features, please download the data sheet.

Trial Installation Requirements

While coupling desktop firewall with GTI can give you additional benefits it is not a requirement for the firewall.

Use Case

Follow these steps to assign a policy that simply enables the firewall and sets the sensitivity level for GTI at Medium risk or higher. At this point, no firewall ruleset is active or assigned. Enabling the Firewall and setting GTI to medium risk or higher.

Click Save. The policy is now assigned to that group and all its subgroups.

Repeat the above steps for your Laptops group.

Perhaps you have shied away from Host IPS, feeling that it would be a complex or lengthy process to deploy, or had concern about blocking legitimate processes. By following a logical, systematic approach, you can quickly realize the benefits of deploying Host IPS in your environment. While the policies applied here are sufficient for initial testing, prior to full production deployment you are strongly encouraged to read over the deployment methodology discussed in detail in the: Host IPS 8.0 Installation Guide, pp. 11-26.